RNGD(8) System Manager's Manual RNGD(8)
NAME
rngd - Check and feed random data from hardware device to kernel random
device
SYNOPSIS
rngd [-b, --background] [-f, --foreground] [-d, --debug] [-l, --list]
[-x, --exclude] [-n, --include] [-O, --option] [-i, --ignorefail] [-o,
--random-device=file] [-p, --pid-file=file] [-r, --rng-device=file]
[-s, --random-step=nnn] [-e, --entropy-count=nnn] [-t, --test]
[-W, --fill-watermark=nnn] [-R, --force-reseed=nnn]
[-D, --drop-privileges=user:group] [-q, --quiet] [-?, --help]
[-v, --version]
DESCRIPTION
This daemon feeds data from a random number generator to the kernel's
random number entropy pool, after first checking the data to ensure
that it is properly random.
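The check referred to here (and by the "fips failures" that -i ignores) is the FIPS 140-2 statistical test suite run over each 20000-bit block before the data is credited to the kernel. The following Python is an added example, not rng-tools code: it implements the four tests (monobit, poker, runs, long run) with the FIPS 140-2 thresholds and shows how a stuck or biased source is rejected. The sample inputs (an all-zero block and a 0x55 pattern) are constructed.

```python
"""FIPS 140-2 continuous tests on a 20000-bit block, in the spirit of the
checks rngd applies before crediting hardware RNG output to the kernel.
Added example, not rng-tools code; thresholds are the FIPS 140-2 values."""
import os

BLOCK_BYTES = 2500          # FIPS 140-2 tests run on 20000-bit blocks
LONG_RUN = 26               # a run this long or longer fails the long-run test
# Acceptable run counts per length; the length-6 bucket means "6 or more"
RUN_LIMITS = {1: (2315, 2685), 2: (1114, 1386), 3: (527, 723),
              4: (240, 384), 5: (103, 209), 6: (103, 209)}


def bits(block: bytes):
    """Yield the bits of block, most significant bit of each byte first."""
    for byte in block:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def monobit(block: bytes) -> bool:
    """Total number of one bits must lie strictly between 9725 and 10275."""
    ones = sum(bin(b).count("1") for b in block)
    return 9725 < ones < 10275


def poker(block: bytes) -> bool:
    """Chi-square style test over the 5000 four-bit nibbles of the block."""
    counts = [0] * 16
    for b in block:
        counts[b >> 4] += 1
        counts[b & 0x0F] += 1
    x = (16.0 / 5000) * sum(c * c for c in counts) - 5000
    return 2.16 < x < 46.17


def run_lengths(block: bytes):
    """Return ({0: [...], 1: [...]}, longest): per bit value, how many runs
    of length 1..6+ occurred (index 0 unused), plus the longest run seen."""
    counts = {0: [0] * 7, 1: [0] * 7}
    longest = 0
    current, length = None, 0
    for bit in bits(block):
        if bit == current:
            length += 1
            continue
        if current is not None:
            counts[current][min(length, 6)] += 1
            longest = max(longest, length)
        current, length = bit, 1
    if current is not None:
        counts[current][min(length, 6)] += 1
        longest = max(longest, length)
    return counts, longest


def runs(block: bytes) -> bool:
    """Every run-length bucket, for both bit values, must be within limits."""
    counts, _ = run_lengths(block)
    return all(lo <= counts[v][n] <= hi
               for v in (0, 1) for n, (lo, hi) in RUN_LIMITS.items())


def long_run(block: bytes) -> bool:
    """No run of identical bits may reach LONG_RUN bits."""
    _, longest = run_lengths(block)
    return longest < LONG_RUN


def fips_check(block: bytes) -> dict:
    """Run all four tests; a block that fails any of them must not be credited."""
    if len(block) != BLOCK_BYTES:
        raise ValueError("FIPS 140-2 tests need exactly 2500 bytes")
    return {"monobit": monobit(block), "poker": poker(block),
            "runs": runs(block), "long_run": long_run(block)}


if __name__ == "__main__":
    # Constructed inputs: OS randomness should pass, a stuck source must not.
    print("urandom  :", fips_check(os.urandom(BLOCK_BYTES)))
    print("all zero :", fips_check(bytes(BLOCK_BYTES)))
    print("0x55 x N :", fips_check(b"\x55" * BLOCK_BYTES))
```

The two constructed failures show why all four tests are needed: the alternating 0x55 pattern has a perfect one-to-zero balance and passes monobit, but its nibble distribution and run counts give it away, while the all-zero block fails everything. A single failing block is not necessarily fatal; it is repeated failures that indicate a broken source, which is the condition -i tells rngd to ignore.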
The -f or --foreground options can be used to tell rngd to avoid
forking on startup. This is typically used for debugging. The -b or
--background options, which fork and put rngd into the background
automatically, are the default.
The -r or --rng-device options can be used to select an alternate
source of input, besides the default /dev/hwrng. The -o or
--random-device options can be used to select an alternate entropy
output device, besides the default /dev/random. Note that this device
must support the Linux kernel /dev/random ioctl API.
OPTIONS
-b, --background
Become a daemon (default)
-f, --foreground
Do not fork and become a daemon
-d, --debug
Enable debug messages
-l, --list
List the indexes and names of available entropy sources. Exit
code when listing sources is 0 if at least 1 entropy source was
found and initialized, 1 otherwise.
-x, --exclude
Disable entropy sources based on index or (shortname) reported
from --list option
-n, --include
Enable entropy sources based on index or (shortname) reported
from --list option
-O, --option
Provide specific config options to individual entropy sources,
in the format --option [index|shortname]:key:value. See Entropy
Sources section below for indices and source specific options.
Note that specifying -O [<index>|<shortname>] will print the
available options for that index to the console.
-p file, --pid-file=file
File used for recording daemon PID, and multiple exclusion
(default: /var/run/rngd.pid)
-i, --ignorefail
Ignore repeated fips failures
-o file, --random-device=file
Kernel device used for random number output (default:
/dev/random)
-r file, --rng-device=file
Kernel device used for random number input (default: /dev/hwrng)
-s nnn, --random-step=nnn
Number of bytes written to random-device at a time (default: 64)
-t, --test
Enter test mode. In this mode (which implies -f), all generated
entropy is discarded and rngd reports the amount of entropy
generated every second.
-e nnn, --entropy-count=nnn
Number of bits to consider random when adding entropy. 1<=e<=8
(default: 8)
-W nnn, --fill-watermark=nnn
Once we start doing it, feed entropy to random-device until at
least fill-watermark bits of entropy are available in its
entropy pool. By default, this value is set to 75% of the
entropy pool size or 2048 bits if the entropy pool size couldn't
be determined. Setting this too high will cause rngd to
dominate the contents of the entropy pool. Low values will hurt
system performance during entropy starvation. Do not set
fill-watermark above the size of the entropy pool (usually 4096
bits), since the pool can never reach such a watermark. A value
of 0 to this option will cause no watermark to be set.
-R nnn, --force-reseed=nnn
For newer kernels which support non-blocking entropy pools, it
is still beneficial to periodically add fresh entropy as a
reseeding event. --force-reseed defines the number of seconds
between which fresh entropy is added to the kernel entropy pool.
Defaults to 5 minutes.
-D, --drop-privileges=user:group
Drop privileges to the specified user and group after
initialization. The user and the group can each be given as a
name or as a numerical id and must be separated with a colon.
Both the user and the group must exist. The default is not to
drop privileges.
-q, --quiet
Suppress all messages
-?, --help
Give a short summary of all program options
-v, --version
Print program version
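The -s, -e and -W options together describe one feeding round against the /dev/random ioctl API mentioned in the DESCRIPTION: rngd writes random-step bytes at a time, credits entropy-count bits per byte, and keeps going until the kernel reports at least fill-watermark bits. The following Python is an added example, not rng-tools code. It packs the struct rand_pool_info that RNDADDENTROPY expects and runs the watermark loop; the ioctl numbers are the <linux/random.h> values for 64-bit Linux, and FakePool is a constructed stand-in for the kernel pool so the loop can be exercised without root.

```python
"""Driving the /dev/random ioctl API the way rngd does, with the knobs that
-s/--random-step, -e/--entropy-count and -W/--fill-watermark control.
Added example, not rng-tools code. Ioctl numbers are the <linux/random.h>
values for 64-bit Linux; FakePool is a constructed model of the kernel pool."""
import fcntl
import os
import struct

RNDGETENTCNT = 0x80045200    # _IOR('R', 0x00, int): bits currently in the pool
RNDADDENTROPY = 0x40085203   # _IOW('R', 0x03, int[2]): add data and credit entropy


def pool_info(data: bytes, bits_per_byte: int) -> bytes:
    """Pack struct rand_pool_info {int entropy_count; int buf_size; __u32 buf[];}.
    entropy_count is the credit in bits: -e scales it, 1..8 bits per byte."""
    if not 1 <= bits_per_byte <= 8:
        raise ValueError("entropy-count must be between 1 and 8 bits per byte")
    return struct.pack("ii", len(data) * bits_per_byte, len(data)) + data


def feed_to_watermark(get_count, add_entropy, source, watermark, step,
                      bits_per_byte, max_rounds=64):
    """Add `step` bytes from source() per round until the pool reports at
    least `watermark` bits. get_count/add_entropy are injected so the same
    loop runs against the kernel or FakePool. Returns the number of rounds;
    raises if the watermark is unreachable (e.g. set above the pool size)."""
    rounds = 0
    while get_count() < watermark:
        if rounds >= max_rounds:
            raise RuntimeError("watermark not reached; is it above the pool size?")
        add_entropy(pool_info(source(step), bits_per_byte))
        rounds += 1
    return rounds


class FakePool:
    """Constructed model of the kernel pool: credit accumulates and is capped
    at the pool size, which is why a watermark above the size never completes."""
    def __init__(self, size_bits=4096):
        self.bits, self.size = 0, size_bits

    def count(self):
        return self.bits

    def add(self, info: bytes):
        credit, n = struct.unpack_from("ii", info)
        if len(info) != 8 + n:
            raise ValueError("buf_size does not match payload length")
        self.bits = min(self.size, self.bits + credit)


def kernel_get_count(fd) -> int:
    """RNDGETENTCNT writes an int into the caller's buffer (no privilege needed)."""
    out = fcntl.ioctl(fd, RNDGETENTCNT, struct.pack("i", 0))
    return struct.unpack("i", out)[0]


def kernel_add_entropy(fd, info: bytes):
    """RNDADDENTROPY requires CAP_SYS_ADMIN; a bytearray sidesteps the 1024-byte
    limit Python places on immutable ioctl arguments."""
    fcntl.ioctl(fd, RNDADDENTROPY, bytearray(info))


if __name__ == "__main__":
    pool = FakePool(4096)
    rounds = feed_to_watermark(pool.count, pool.add, os.urandom, 3072, 64, 8)
    print("fake pool: %d rounds of 64 bytes to reach 3072 bits" % rounds)
    if os.path.exists("/dev/random"):
        with open("/dev/random", "rb") as f:
            print("kernel pool currently holds", kernel_get_count(f.fileno()), "bits")
```

With the defaults (-s 64, -e 8) each round credits 512 bits, so reaching a 3072-bit watermark takes six rounds; halving -e to 4 doubles the number of rounds for the same watermark. The max_rounds guard makes the warning in the -W description concrete: against a 4096-bit pool a watermark of 5000 bits can never be satisfied, and the loop raises instead of spinning.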
ENTROPY SOURCES
Rngd is made up of multiple entropy sources, the data from which is
aggregated and fed into the kernel's entropy pool. Note that not all
entropy sources are available on all systems, and if an entropy source
is enabled for a system on which it is not appropriate (or possible) to
use, it may fail initialization. It is not fatal to rngd for any
single entropy source to fail during startup. Only a single entropy
source is needed for rngd to operate. The following entropy sources
are currently defined in rngd:
Hardware RNG (hwrng)
The Hardware RNG is a generic entropy source that draws entropy
from a hardware rng attached by default to /dev/hwrng
TPM (tpm)
Entropy drawn from on board TPM device. Note this entropy
source is deprecated and will be removed soon, as newer tpm
devices export entropy via /dev/hwrng, which is collected by the
hwrng source above
RDRAND/RDSEED (rdrand)
Entropy drawn from the RDRAND and RDSEED instructions (x86 only)
Options
use_aes - select if rdrand is used to seed a cprng to produce
entropy, or if all entropy is drawn directly from rdrand
instruction (default 0)
DARN (darn)
Entropy drawn from the DARN instruction (ppc64 only)
Options
use_aes - select if the power darn instruction is used to
directly fill the entropy pool, or if it is used as a periodic
seed to an aes based cprng (default 1)
RNDR (rndr)
Entropy drawn from the RNDR instruction (aarch64 only)
Options
use_aes - select if the arm rndr instruction is used to
directly fill the entropy pool, or if it is used as a periodic
seed to an aes based cprng (default 0)
NIST Entropy Beacon (nist)
Entropy gathered from the NIST network entropy beacon. Note
that this entropy source is disabled by default as it should
never be used for cryptographic purposes, or any use case in
which random data should be known only by a single entity.
Qrypt Entropy Beacon (qrypt)
Entropy gathered from the qrypt entropy beacon. Note this
beacon provides entropy to remote clients over a TLS connection.
As such this source should not be used for cryptographic
operations unless the security of the network can be guaranteed
against man in the middle and other network based attacks.
Options
tokenfile - Specify the file containing the access token to the
Qrypt beacon
delay - Specify the maximum delay (in seconds) that the source
will wait when there are temporary conditions preventing entropy
retrieval before trying to fetch entropy again. The default
maximum delay is eight hours, exponentially counting up from one
second upwards, in powers of two.
JITTER (jitter)
Entropy gathered by measuring timing variance of operations on
the local cpu
Options
thread_count - Set the number of threads that the jitter
entropy source will spawn
buffer_size - Set the size of the buffer cache that each thread
maintains
refill_thresh - Set the low watermark for the cache that
triggers its corresponding thread to start refill operations
retry_count - If all entropy buffers are empty, retry this many
times before giving up. Note that jitterentropy can take
several seconds to refill a buffer, and so retries after a delay
may be preferable to repeatedly spinning on an empty buffer
(default 1)
retry_delay - between each retry for retry_count above, sleep
for this many seconds. May also be the special value -1,
representing adaptive sleep, where each retry delay will be half
the recorded execution time of the last entropy gathering round
(default -1)
force_soft_timer - on platforms with a hardware timer that is
too coarse to sample jitter, we can instead use a software based
timer loop. Detection and use of this mechanism is automatic,
but this can be useful for testing purposes
PKCS11 (pkcs11)
Entropy gathered via the opensc openssl engine, which can
extract entropy from various smart card readers. Install the
package for your distribution containing the pkcs11 endpoint
library to gather smartcard entropy. This is opensc for Fedora,
opensc-pkcs11 for Debian/Ubuntu or another package containing
opensc-pkcs11.so.
Options
engine_path - Set the path for the pkcs11 engine DSO to load
chunk_size - Some pkcs11 engines have restrictions on how much
data can be requested at a time, this option allows for the
request to be subdivided into smaller chunks to be satisfied
RTLSDR (rtlsdr)
Entropy gathered via the rtl software defined radio library,
which can gather entropy using various usb software defined
radios listening to random radio static
Options
devid - When multiple devices are available the integer index
of the device to use
freq_min - The minimum frequency range to scan in
freq_max - The maximum frequency range to scan in
sample_min - The minimum sample rate of the radio
sample_max - The maximum sample rate of the radio
AUTHORS
Philipp Rumpf
Jeff Garzik - jgarzik AT pobox.com
Matt Sottek
Brad Hill
Neil Horman - nhorman AT tuxdriver.com
rng-tools 6.16 March 2001 RNGD(8)